package org.jivesoftware.smack;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.X509TrustManager;

class ServerTrustManager
  implements X509TrustManager
{
  private static Pattern cnPattern = Pattern.compile("(?i)(cn=)([^,]*)");
  private ConnectionConfiguration configuration;
  private String server;
  private KeyStore trustStore;
  private static Map<KeyStoreOptions, KeyStore> stores = new HashMap();

  public ServerTrustManager(String paramString, ConnectionConfiguration paramConnectionConfiguration)
  {
    this.configuration = paramConnectionConfiguration;
    this.server = paramString;
    FileInputStream localFileInputStream = null;
    char[] arrayOfChar = null;
    synchronized (stores)
    {
      KeyStoreOptions localKeyStoreOptions = new KeyStoreOptions(paramConnectionConfiguration.getTruststoreType(), paramConnectionConfiguration.getTruststorePath(), paramConnectionConfiguration.getTruststorePassword());
      if (stores.containsKey(localKeyStoreOptions))
      {
        this.trustStore = ((KeyStore)stores.get(localKeyStoreOptions));
      }
      else
      {
        try
        {
          this.trustStore = KeyStore.getInstance(localKeyStoreOptions.getType());
          if (localKeyStoreOptions.getPassword() != null)
            arrayOfChar = localKeyStoreOptions.getPassword().toCharArray();
          if (localKeyStoreOptions.getPath() == null)
          {
            this.trustStore.load(null, arrayOfChar);
          }
          else
          {
            localFileInputStream = new FileInputStream(localKeyStoreOptions.getPath());
            this.trustStore.load(localFileInputStream, arrayOfChar);
          }
        }
        catch (Exception localException)
        {
          this.trustStore = null;
          localException.printStackTrace();
          if (localFileInputStream != null)
            try
            {
              localFileInputStream.close();
            }
            catch (IOException localIOException1)
            {
            }
        }
        finally
        {
          if (localFileInputStream != null)
            try
            {
              localFileInputStream.close();
            }
            catch (IOException localIOException2)
            {
            }
        }
        stores.put(localKeyStoreOptions, this.trustStore);
      }
      if (this.trustStore == null)
        paramConnectionConfiguration.setVerifyRootCAEnabled(false);
    }
  }

  public X509Certificate[] getAcceptedIssuers()
  {
    return new X509Certificate[0];
  }

  public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString)
    throws CertificateException
  {
  }

  public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString)
    throws CertificateException
  {
    int i = paramArrayOfX509Certificate.length;
    List localList = getPeerIdentity(paramArrayOfX509Certificate[0]);
    if (this.configuration.isVerifyChainEnabled())
    {
      Object localObject1 = null;
      for (int k = i - 1; k >= 0; k--)
      {
        X509Certificate localX509Certificate = paramArrayOfX509Certificate[k];
        Principal localPrincipal1 = localX509Certificate.getIssuerDN();
        Principal localPrincipal2 = localX509Certificate.getSubjectDN();
        if (localObject1 != null)
          if (localPrincipal1.equals(localObject1))
            try
            {
              PublicKey localPublicKey = paramArrayOfX509Certificate[(k + 1)].getPublicKey();
              paramArrayOfX509Certificate[k].verify(localPublicKey);
            }
            catch (GeneralSecurityException localGeneralSecurityException2)
            {
              throw new CertificateException("signature verification failed of " + localList);
            }
          else
            throw new CertificateException("subject/issuer verification failed of " + localList);
        localObject1 = localPrincipal2;
      }
    }
    if (this.configuration.isVerifyRootCAEnabled())
    {
      int j = 0;
      try
      {
        j = this.trustStore.getCertificateAlias(paramArrayOfX509Certificate[(i - 1)]) != null ? 1 : 0;
        if ((j == 0) && (i == 1) && (this.configuration.isSelfSignedCertificateEnabled()))
        {
          System.out.println("Accepting self-signed certificate of remote server: " + localList);
          j = 1;
        }
      }
      catch (KeyStoreException localKeyStoreException)
      {
        localKeyStoreException.printStackTrace();
      }
      if (j == 0)
        throw new CertificateException("root certificate not trusted of " + localList);
    }
    Object localObject2;
    if (this.configuration.isNotMatchingDomainCheckEnabled())
      if ((localList.size() == 1) && (((String)localList.get(0)).startsWith("*.")))
      {
        localObject2 = ((String)localList.get(0)).replace("*.", "");
        if (!this.server.endsWith((String)localObject2))
          throw new CertificateException("target verification failed of " + localList);
      }
      else if (!localList.contains(this.server))
      {
        throw new CertificateException("target verification failed of " + localList);
      }
    if (this.configuration.isExpiredCertificatesCheckEnabled())
    {
      localObject2 = new Date();
      for (int m = 0; m < i; m++)
        try
        {
          paramArrayOfX509Certificate[m].checkValidity((Date)localObject2);
        }
        catch (GeneralSecurityException localGeneralSecurityException1)
        {
          throw new CertificateException("invalid date of " + this.server);
        }
    }
  }

  public static List<String> getPeerIdentity(X509Certificate paramX509Certificate)
  {
    Object localObject = getSubjectAlternativeNames(paramX509Certificate);
    if (((List)localObject).isEmpty())
    {
      String str = paramX509Certificate.getSubjectDN().getName();
      Matcher localMatcher = cnPattern.matcher(str);
      if (localMatcher.find())
        str = localMatcher.group(2);
      localObject = new ArrayList();
      ((List)localObject).add(str);
    }
    return localObject;
  }

  private static List<String> getSubjectAlternativeNames(X509Certificate paramX509Certificate)
  {
    ArrayList localArrayList = new ArrayList();
    try
    {
      Collection localCollection = paramX509Certificate.getSubjectAlternativeNames();
      if (localCollection == null)
        return Collections.emptyList();
    }
    catch (CertificateParsingException localCertificateParsingException)
    {
      localCertificateParsingException.printStackTrace();
    }
    return localArrayList;
  }

  private static class KeyStoreOptions
  {
    private final String type;
    private final String path;
    private final String password;

    public KeyStoreOptions(String paramString1, String paramString2, String paramString3)
    {
      this.type = paramString1;
      this.path = paramString2;
      this.password = paramString3;
    }

    public String getType()
    {
      return this.type;
    }

    public String getPath()
    {
      return this.path;
    }

    public String getPassword()
    {
      return this.password;
    }

    public int hashCode()
    {
      int i = 31;
      int j = 1;
      j = 31 * j + (this.password == null ? 0 : this.password.hashCode());
      j = 31 * j + (this.path == null ? 0 : this.path.hashCode());
      j = 31 * j + (this.type == null ? 0 : this.type.hashCode());
      return j;
    }

    public boolean equals(Object paramObject)
    {
      if (this == paramObject)
        return true;
      if (paramObject == null)
        return false;
      if (getClass() != paramObject.getClass())
        return false;
      KeyStoreOptions localKeyStoreOptions = (KeyStoreOptions)paramObject;
      if (this.password == null)
      {
        if (localKeyStoreOptions.password != null)
          return false;
      }
      else if (!this.password.equals(localKeyStoreOptions.password))
        return false;
      if (this.path == null)
      {
        if (localKeyStoreOptions.path != null)
          return false;
      }
      else if (!this.path.equals(localKeyStoreOptions.path))
        return false;
      if (this.type == null)
      {
        if (localKeyStoreOptions.type != null)
          return false;
      }
      else if (!this.type.equals(localKeyStoreOptions.type))
        return false;
      return true;
    }
  }
}

/* Location:           D:\hygieia\userclient\common\libs\easemobchat_2.1.8.jar
 * Qualified Name:     org.jivesoftware.smack.ServerTrustManager
 * JD-Core Version:    0.6.1
 */